lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <7d82cf5e-f60c-4295-9566-c40f6897fce7@redhat.com>
Date: Thu, 9 Oct 2025 12:30:27 +0200
From: David Hildenbrand <david@...hat.com>
To: Balbir Singh <balbirs@...dia.com>, linux-kernel@...r.kernel.org
Cc: Alexander Potapenko <glider@...gle.com>,
 Andrew Morton <akpm@...ux-foundation.org>,
 Brendan Jackman <jackmanb@...gle.com>, Christoph Lameter <cl@...two.org>,
 Dennis Zhou <dennis@...nel.org>, Dmitry Vyukov <dvyukov@...gle.com>,
 dri-devel@...ts.freedesktop.org, intel-gfx@...ts.freedesktop.org,
 iommu@...ts.linux.dev, io-uring@...r.kernel.org,
 Jason Gunthorpe <jgg@...dia.com>, Jens Axboe <axboe@...nel.dk>,
 Johannes Weiner <hannes@...xchg.org>, John Hubbard <jhubbard@...dia.com>,
 kasan-dev@...glegroups.com, kvm@...r.kernel.org,
 "Liam R. Howlett" <Liam.Howlett@...cle.com>,
 Linus Torvalds <torvalds@...ux-foundation.org>, linux-arm-kernel@...s.com,
 linux-arm-kernel@...ts.infradead.org, linux-crypto@...r.kernel.org,
 linux-ide@...r.kernel.org, linux-kselftest@...r.kernel.org,
 linux-mips@...r.kernel.org, linux-mmc@...r.kernel.org, linux-mm@...ck.org,
 linux-riscv@...ts.infradead.org, linux-s390@...r.kernel.org,
 linux-scsi@...r.kernel.org, Lorenzo Stoakes <lorenzo.stoakes@...cle.com>,
 Marco Elver <elver@...gle.com>, Marek Szyprowski <m.szyprowski@...sung.com>,
 Michal Hocko <mhocko@...e.com>, Mike Rapoport <rppt@...nel.org>,
 Muchun Song <muchun.song@...ux.dev>, netdev@...r.kernel.org,
 Oscar Salvador <osalvador@...e.de>, Peter Xu <peterx@...hat.com>,
 Robin Murphy <robin.murphy@....com>, Suren Baghdasaryan <surenb@...gle.com>,
 Tejun Heo <tj@...nel.org>, virtualization@...ts.linux.dev,
 Vlastimil Babka <vbabka@...e.cz>, wireguard@...ts.zx2c4.com, x86@...nel.org,
 Zi Yan <ziy@...dia.com>
Subject: Re: [PATCH RFC 06/35] mm/page_alloc: reject unreasonable
 folio/compound page sizes in alloc_contig_range_noprof()

On 09.10.25 12:25, Balbir Singh wrote:
> On 10/9/25 17:12, David Hildenbrand wrote:
>> On 09.10.25 06:21, Balbir Singh wrote:
>>> On 8/22/25 06:06, David Hildenbrand wrote:
>>>> Let's reject them early, which in turn makes folio_alloc_gigantic() reject
>>>> them properly.
>>>>
>>>> To avoid converting from order to nr_pages, let's just add MAX_FOLIO_ORDER
>>>> and calculate MAX_FOLIO_NR_PAGES based on that.
>>>>
>>>> Signed-off-by: David Hildenbrand <david@...hat.com>
>>>> ---
>>>>    include/linux/mm.h | 6 ++++--
>>>>    mm/page_alloc.c    | 5 ++++-
>>>>    2 files changed, 8 insertions(+), 3 deletions(-)
>>>>
>>>> diff --git a/include/linux/mm.h b/include/linux/mm.h
>>>> index 00c8a54127d37..77737cbf2216a 100644
>>>> --- a/include/linux/mm.h
>>>> +++ b/include/linux/mm.h
>>>> @@ -2055,11 +2055,13 @@ static inline long folio_nr_pages(const struct folio *folio)
>>>>      /* Only hugetlbfs can allocate folios larger than MAX_ORDER */
>>>>    #ifdef CONFIG_ARCH_HAS_GIGANTIC_PAGE
>>>> -#define MAX_FOLIO_NR_PAGES    (1UL << PUD_ORDER)
>>>> +#define MAX_FOLIO_ORDER        PUD_ORDER
>>>
>>> Do we need to check for CONTIG_ALLOC as well with CONFIG_ARCH_HAS_GIGANTIC_PAGE?
>>>
>>
>> I don't think so, can you elaborate?
>>
> 
> The only way to allocate a gigantic page is to use CMA, IIRC, which is covered by CONTIG_ALLOC

As we are discussing as part of v2 right now, there is the way to just 
obtain them from memblock during boot.

> 
>>>>    #else
>>>> -#define MAX_FOLIO_NR_PAGES    MAX_ORDER_NR_PAGES
>>>> +#define MAX_FOLIO_ORDER        MAX_PAGE_ORDER
>>>>    #endif
>>>>    +#define MAX_FOLIO_NR_PAGES    (1UL << MAX_FOLIO_ORDER)
>>>> +
>>>>    /*
>>>>     * compound_nr() returns the number of pages in this potentially compound
>>>>     * page.  compound_nr() can be called on a tail page, and is defined to
>>>> diff --git a/mm/page_alloc.c b/mm/page_alloc.c
>>>> index ca9e6b9633f79..1e6ae4c395b30 100644
>>>> --- a/mm/page_alloc.c
>>>> +++ b/mm/page_alloc.c
>>>> @@ -6833,6 +6833,7 @@ static int __alloc_contig_verify_gfp_mask(gfp_t gfp_mask, gfp_t *gfp_cc_mask)
>>>>    int alloc_contig_range_noprof(unsigned long start, unsigned long end,
>>>>                      acr_flags_t alloc_flags, gfp_t gfp_mask)
>>>>    {
>>>> +    const unsigned int order = ilog2(end - start);
>>>
>>> Do we need a VM_WARN_ON(end < start)?
>>
>> I don't think so.
>>
> 
> end - start being < 0, completely breaks ilog2. But we would error out because ilog2 > MAX_FOLIO_ORDER, so we should fine

Right, and if we have code that buggy that does it, it probably 
shouldn't be our responsibility to sanity check that :)

It would have been completely buggy before this patch.

> 
>>>
>>>>        unsigned long outer_start, outer_end;
>>>>        int ret = 0;
>>>>    @@ -6850,6 +6851,9 @@ int alloc_contig_range_noprof(unsigned long start, unsigned long end,
>>>>                            PB_ISOLATE_MODE_CMA_ALLOC :
>>>>                            PB_ISOLATE_MODE_OTHER;
>>>>    +    if (WARN_ON_ONCE((gfp_mask & __GFP_COMP) && order > MAX_FOLIO_ORDER))
>>>> +        return -EINVAL;
>>>> +
>>>>        gfp_mask = current_gfp_context(gfp_mask);
>>>>        if (__alloc_contig_verify_gfp_mask(gfp_mask, (gfp_t *)&cc.gfp_mask))
>>>>            return -EINVAL;
>>>> @@ -6947,7 +6951,6 @@ int alloc_contig_range_noprof(unsigned long start, unsigned long end,
>>>>                free_contig_range(end, outer_end - end);
>>>>        } else if (start == outer_start && end == outer_end && is_power_of_2(end - start)) {
>>>>            struct page *head = pfn_to_page(start);
>>>> -        int order = ilog2(end - start);
>>>>              check_new_pages(head, order);
>>>>            prep_new_page(head, order, gfp_mask, 0);
>>>
>>> Acked-by: Balbir Singh <balbirs@...dia.com>
>>
>> Thanks for the review, but note that this is already upstream.
>>
> 
> Sorry, this showed up in my updated mm thread and I ended up reviewing it, please ignore if it's upstream

I'm happy for any review (better in reply to v2), because any bug caught 
early is good!


-- 
Cheers

David / dhildenb


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ